16 Replies Latest reply: Sep 20, 2012 9:26 AM by Peter Cammaert RSS

    DMS with AD & custom groups = empty accesspoint

    Peter Cammaert

      At a customer of ours, we're building a specific authorization mechanism using QVS EE, QVP and DMS (all on same server running QV11IR). Users are authenticated using AD and recognized by way of the Active Directory DSC. A Configurable ODBC provides custom groups for all users that should have access to the documents in the portal.

      We can query these users in the QMC Users tab. They appear to belong to both the correct AD groups AND the custom groups that were defined in an Oracle DB.

       

      When we create a distribution task for reloading and distributing a single document to a custom group, the QMC confirms (via the same Users menu) that the document is reloaded and distributed to this custom group. Selecting a single member in the QMC->Users list produces confirmation that the user belongs to the distribution group (Groups tab), has access to the correct test document (Documents tab) and got the necessary rights from the correct task because of being a member of this custom group (Distribution tab).

       

      However, when the same lucky user opens the portal, no documents are available. Just an empty list...

      No error messages or warnings are present in the logs. All DSC activity is successful.

       

      The QVWS log contains the only indicator that something is wrong. The GetAdminDocListForUser request consistently returns an empty list.

       

      BTW this user has all necessary NTFS rights to folders and documents, but I don't think that matters when using DMS.

       

      Is there a reason why QMC keeps telling everything's just fine when the published documents remain invisible in the AccessPoint?

       

      Thnx,

       

      Peter